3 files changed, 32 insertions, 9 deletions
diff --git a/fs/xattr.c b/fs/xattr.c
index 3368659c471e..2d13b4e62fae 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -170,7 +170,7 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
                const void *value, size_t size, int flags)
 {
        struct inode *inode = dentry->d_inode;
-        int error = -EOPNOTSUPP;
+        int error = -EAGAIN;
        int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
                                   XATTR_SECURITY_PREFIX_LEN);
@@ -183,15 +183,21 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
                        security_inode_post_setxattr(dentry, name, value,
                                                     size, flags);
                }
-        } else if (issec) {
+        } else {
-                const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
                if (unlikely(is_bad_inode(inode)))
                        return -EIO;
-                error = security_inode_setsecurity(inode, suffix, value,
+        }
-                                                   size, flags);
+        if (error == -EAGAIN) {
-                if (!error)
+                error = -EOPNOTSUPP;
-                        fsnotify_xattr(dentry);
+                if (issec) {
+                        const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
+                        error = security_inode_setsecurity(inode, suffix, value,
+                                                           size, flags);
+                        if (!error)
+                                fsnotify_xattr(dentry);
+                }
        }
        return error;
diff --git a/lib/iov_iter.c b/lib/iov_iter.c
index f0c7f1481bae..f2bd21b93dfc 100644
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -683,10 +683,11 @@ static void pipe_advance(struct iov_iter *i, size_t size)
        struct pipe_inode_info *pipe = i->pipe;
        struct pipe_buffer *buf;
        int idx = i->idx;
-        size_t off = i->iov_offset;
+        size_t off = i->iov_offset, orig_sz;
        
        if (unlikely(i->count < size))
                size = i->count;
+        orig_sz = size;
        if (size) {
                if (off) /* make it relative to the beginning of buffer */
@@ -713,6 +714,7 @@ static void pipe_advance(struct iov_iter *i, size_t size)
                        pipe->nrbufs--;
                }
        }
+        i->count -= orig_sz;
 }
 void iov_iter_advance(struct iov_iter *i, size_t size)
diff --git a/net/socket.c b/net/socket.c
index 272518b087c8..73dc69f9681e 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -341,8 +341,23 @@ static const struct xattr_handler sockfs_xattr_handler = {
        .get = sockfs_xattr_get,
 };
+static int sockfs_security_xattr_set(const struct xattr_handler *handler,
+                                     struct dentry *dentry, struct inode *inode,
+                                     const char *suffix, const void *value,
+                                     size_t size, int flags)
+{
+        /* Handled by LSM. */
+        return -EAGAIN;
+}
+static const struct xattr_handler sockfs_security_xattr_handler = {
+        .prefix = XATTR_SECURITY_PREFIX,
+        .set = sockfs_security_xattr_set,
+};
 static const struct xattr_handler *sockfs_xattr_handlers[] = {
        &sockfs_xattr_handler,
+        &sockfs_security_xattr_handler,
        NULL
 };

diff --git a/fs/xattr.c b/fs/xattr.c index 3368659c471e..2d13b4e62fae 100644 --- a/fs/xattr.c +++ b/fs/xattr.c
@@ -170,7 +170,7 @@ int __vfs_setxattr_noperm(struct dentry dentry, const char name,
170	const void *value, size_t size, int flags)	170	const void *value, size_t size, int flags)
171	{	171	{
172	struct inode *inode = dentry->d_inode;	172	struct inode *inode = dentry->d_inode;
173	int error = -EOPNOTSUPP;	173	int error = -EAGAIN;
174	int issec = !strncmp(name, XATTR_SECURITY_PREFIX,	174	int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
175	XATTR_SECURITY_PREFIX_LEN);	175	XATTR_SECURITY_PREFIX_LEN);
176		176
@@ -183,15 +183,21 @@ int __vfs_setxattr_noperm(struct dentry dentry, const char name,
183	security_inode_post_setxattr(dentry, name, value,	183	security_inode_post_setxattr(dentry, name, value,
184	size, flags);	184	size, flags);
185	}	185	}
186	} else if (issec) {	186	} else {
187	const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
188
189	if (unlikely(is_bad_inode(inode)))	187	if (unlikely(is_bad_inode(inode)))
190	return -EIO;	188	return -EIO;
191	error = security_inode_setsecurity(inode, suffix, value,	189	}
192	size, flags);	190	if (error == -EAGAIN) {
193	if (!error)	191	error = -EOPNOTSUPP;
194	fsnotify_xattr(dentry);	192
		193	if (issec) {
		194	const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
		195
		196	error = security_inode_setsecurity(inode, suffix, value,
		197	size, flags);
		198	if (!error)
		199	fsnotify_xattr(dentry);
		200	}
195	}	201	}
196		202
197	return error;	203	return error;


diff --git a/lib/iov_iter.c b/lib/iov_iter.c index f0c7f1481bae..f2bd21b93dfc 100644 --- a/lib/iov_iter.c +++ b/lib/iov_iter.c
@@ -683,10 +683,11 @@ static void pipe_advance(struct iov_iter *i, size_t size)
683	struct pipe_inode_info *pipe = i->pipe;	683	struct pipe_inode_info *pipe = i->pipe;
684	struct pipe_buffer *buf;	684	struct pipe_buffer *buf;
685	int idx = i->idx;	685	int idx = i->idx;
686	size_t off = i->iov_offset;	686	size_t off = i->iov_offset, orig_sz;
687		687
688	if (unlikely(i->count < size))	688	if (unlikely(i->count < size))
689	size = i->count;	689	size = i->count;
		690	orig_sz = size;
690		691
691	if (size) {	692	if (size) {
692	if (off) /* make it relative to the beginning of buffer */	693	if (off) /* make it relative to the beginning of buffer */
@@ -713,6 +714,7 @@ static void pipe_advance(struct iov_iter *i, size_t size)
713	pipe->nrbufs--;	714	pipe->nrbufs--;
714	}	715	}
715	}	716	}
		717	i->count -= orig_sz;
716	}	718	}
717		719
718	void iov_iter_advance(struct iov_iter *i, size_t size)	720	void iov_iter_advance(struct iov_iter *i, size_t size)


diff --git a/net/socket.c b/net/socket.c index 272518b087c8..73dc69f9681e 100644 --- a/net/socket.c +++ b/net/socket.c
@@ -341,8 +341,23 @@ static const struct xattr_handler sockfs_xattr_handler = {
341	.get = sockfs_xattr_get,	341	.get = sockfs_xattr_get,
342	};	342	};
343		343
		344	static int sockfs_security_xattr_set(const struct xattr_handler *handler,
		345	struct dentry dentry, struct inode inode,
		346	const char suffix, const void value,
		347	size_t size, int flags)
		348	{
		349	/* Handled by LSM. */
		350	return -EAGAIN;
		351	}
		352
		353	static const struct xattr_handler sockfs_security_xattr_handler = {
		354	.prefix = XATTR_SECURITY_PREFIX,
		355	.set = sockfs_security_xattr_set,
		356	};
		357
344	static const struct xattr_handler *sockfs_xattr_handlers[] = {	358	static const struct xattr_handler *sockfs_xattr_handlers[] = {
345	&sockfs_xattr_handler,	359	&sockfs_xattr_handler,
		360	&sockfs_security_xattr_handler,
346	NULL	361	NULL
347	};	362	};
348		363